• DNAT problems

    Graham Chow
    Graham Chow
    I'm a home user, and I'm trying to configure my Foundry VTT server. via my XG v19. When I try to http to it via the WAN, I get a violation error (as you can see in the logs). I can HTTP to it using my fqdn ( http://titanbananabefore.online/) via my…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS V19 Web Certificates and browser warning pages

    ADJ
    ADJ
    Hello, Starting to get a bit frustrated with the Sophos web certificates - think I am going around in circles. I have both the Default Appliance certificate and the Security SSL Certificate installed into the Trusted Certificates store on a Windows…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • TCP Retransmission / RST, ACK - some websites not answering

    FJay
    FJay
    Hello, I have a strange behaviour with Sophos XG. It is happening now on 2 sites. On one site I Have HA (A/P) XG2300 with v19 MR-1. On second I have HA (A/A) XG2100 with v19. I tried 18.5 MR-3 with the same issues. Most of the traffic seems…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG Firewall CAA "Could not validate certificate! CAA will now close" error on Win 10 client

    Paul Norris1
    Paul Norris1
    I went away over the weekend and on login on Monday I now get the following error and the CAA exits, nothing should have changed from when it was last working on Friday. Error: "Could not validate certificate! CAA will now close error" XG Firewall…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • MTU for IPSec (Remote Access)

    JeffCooper
    JeffCooper
    Hi, Is there a way to set the MTU for the IPSec Remote Access VPN on an XGS2300 v19? I'd like to se if tweaking it improves performance for my remote users. Thanks, Jeff
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos DDNS unable to determine IP address behind NAT

    Ally
    Ally
    Hello, We have a Sophos firewall (SFOS 19.0.0 GA-Build317 ) behind a NAT router, and there is an issue with dynamic DNS on the firewall that shows a failed/unknown update when the NATed public IP option is selected. It already checked with two different…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • TCP Retransmissions, Reset and Dup packets through IPSec tunnel , Slow access thorugh tunnel

    Sampath Poodari
    Sampath Poodari
    Hi Guys, This is after 2 months of troubleshooting, escalations, helplessness from Sophos support, i'm writing this. I have this issue since we deployed the new XGS 4500 firewalls and still not able to resolve this. One of our core application is hosted…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Distinguishing Central policy managed objects

    onward
    onward
    In SFOS 18 or 19 other than comparing the Central firewall management policy levels against each XG, is there any way to distinguish firewall rules, hosts, services that are managed from Central policies (and which policy) vs those only present locally…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Cannot register with Sophos Central

    Carlo
    Carlo
    Hi, after I changed port type from dhcp (using firewall behind ips router) to pppoe (using fw to establish connection). I cannot register with Sophos Central using email and OTP or enable Red service. Internet works but quite slow (will open another…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAN link going down in Sophos XGS 3100

    DDSM FSI
    DDSM FSI
    We have two lease line links configured on Sophos XGS 3100 firewall out of which the link of one of the lease line link goes down automatically after every 3-4 hours that too after changing weight of lease lines or changing fail over rules. Looking for…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • UDP Timeout vs UDP Timeout Stream

    JeffCooper
    JeffCooper
    Hi, We're getting one-side of calls randomly going silent. The default values of my XG2300 are UDP Timeout 30 UDP Timeout Stream 150 I read I should increase the timeout to 150, but should I make them match? increase both 5x? I don't understand…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG210 HA ver. 18.5.x to 19.0. migration

    Giorgio Premoli1
    Giorgio Premoli1
    Dear all, a customer of mine has 2 XG210 in HA mode (Active/Passive) that are running with the firmware version 18.5. I have to upgrade the HA to the version 19.0 and I'd like to know if I can upgrade/migrate the firmware without un-mounting the HA…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • FW19 country blocking

    weissnix
    weissnix
    Hello, i create a firewall rule with this manuel https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RulesAndPolicies/FirewallRules/FirewallRulesCountryBasedRuleCreate/index.html but they doesn´t work…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG API DHCPServer does unexpected

    Michael Schneider
    Michael Schneider
    Hallo Community, i am working on some powershell scripts against the XG APi, when i came across this strange behaviour i do not understand. I am trying to setup a DHCP Server via the API, everything is nicely wrapped in powershell class that's why…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • OSPF not enabled on interface

    AstaroNBack
    AstaroNBack
    XGS107 (SFOS 19.0.0 GA-Build317 I have OSPF configured and working on another XGS 107. I have dynamic routing enabled in ADMIN>Device Access.> LAN, I am using Port 2, which I have changed to LAN. Under Information OSFP > Interface it shows…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • TCP responses from a website being dropped by firewall

    Tom Burger
    Tom Burger
    Hi, I'm having some trouble with a medical device uploading its results to a web server where it seems the 'return' traffic that should match the HTTPS session to the website is being dropped by the firewall. Basically the device gets plugged in, then…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG Firewall Home Use Edition on XG 86w

    BeEf
    BeEf
    Hello, I'd like to install SFOS 19 (Home Edition) on a no longer used in production XG86W firewall. Burning SW-19.0.0_GA-317.iso to a DVD and booting into it leaves me with Sophos FIRMWARE INSTALLER Created on: #Sun Apr 3 03:05:46 UTC 2022 Firmware…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG310 19 HA Active Active & RED tunnel failover

    Dardan Selimi
    Dardan Selimi
    Hey folks, I have 2 XG 310 in an active-active HA. When failover occurs (Primary goes down), the RED tunnel goes down and there is no failover for the RED tunnel. I need to disable and re-enable the RED tunnel... Is it the correct behavior in…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos SG135 w. SFOS v19 AP100 inactive since 17.5

    Alex Marschall
    Alex Marschall
    Hello, I have problems updating to v19. As soon as I install the v19 update, my AP100 (3 pieces) remain inactive (1 ROOT 2 MESH). Only the ROOT emits WiFi despite the inactive message. As soon as I go back down to 17.5, everything is active again and…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos v19 - Web Proxy or DPI-SSL web filtering & DNS requests

    ADJ
    ADJ
    Hi, I have a question about Web content filtering using either Web proxy or DPI-SSL and DNS requests/resolution. I have Sophos firewall set up in bridge mode with Netgear router as the gateway and for DNS. The Netgear router handles DHCP and DNS…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG 330 suddenly shuts down for 5 minutes, then up again. please help

    Ivan Lendl Mararac
    Ivan Lendl Mararac
    Hi Everyone, I have a sophos XG 330 (SFOS 19.0.0 GA-Build317), every afternoon almost always at 4 in the afternoon my sophos lan, wan and dmz ports shuts down, no blinking lights on all ports then suddenly it opens again. what seems to be the reason…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • VLAN tag on the WAN port using PPPoE ( UFB NZ )

    John Mitchell1
    John Mitchell1
    Good morning / Day / Evening all, I am trying to set up the Sophos home version V19 at home. I have created a VLAN 10 with PPPoE and it shows that it is connected and I have my static IP as I would expect but I am not getting any traffic. Back in…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • The renewal of your Heartbeat intermediate certificate has failed

    ScHwAnG86
    ScHwAnG86
    My HA XGS136 cluster is experiencing this issue with heartbeats: I get an error alert in Sophos Central The renewal of your Heartbeat intermediate certificate has failed Looking in the heartbeat log I can see failures. tail /var/tslog/heartbeatd…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Need help on Sophos XG 310 17.5 to 19.0 upgrade

    Anas Assainar
    Anas Assainar
    Hi all, My Sophos XG 310 running on 17.5 need an upgrade to 19.0, is it safe to do so? As I read comments on Sophos community I have seen a lot of issues faced including configuration flush out and device brick by other users. Thanks in advance…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • DNS Not Working through IPSEC Remote Access

    JeffCooper
    JeffCooper
    Hi, I got a Remote Access IPSEC working on an XGS2300 (v19). It worked but was unusably slow. Sophos support suggested I disable "Use as default gateway" and explicitely add resources VPN clients could see. I want them to see the entire LAN, and the…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>